Server Settings

About this task

Depending on the option you selected in the first step of the wizard, some or all of
the settings may already be displayed on the Server Settings
page. These values are only intended as a guide, and you must adjust them to match
your directory server’s requirements.

Note

If you are using an anonymous directory services server, it is not necessary to
enter a distinguished name (DN) or password.

Follow these steps

Under Directory Services Settings, review/set the
following options:

In the Server text box, enter the fully
qualified hostname of the server used for directory services
look-ups.

Alternatively, enter a comma-separated list of failover servers.The
first in the list should be the primary server. If the primary
server fails, the appliance will attempt to use the other specified
servers in the order that they are named.

Important

If you specify multiple servers, you must ensure
that each of the servers uses an indentical directory structure.
Failure to do so could result in unexpected behavior.

In the Port text box, enter the port number of
the server used for directory services look-ups. The default port is
389, or port 636 for LDAPS. If the Active Directory global catalog (GC)
is used, the port is 3268, or 3269 for a secure connection.

From the Protocol drop-down list, select the
type of LDAP used for user authentication. The default is standard
LDAP, but LDAPS encrypts all
communication between the appliance and the LDAP or Active Directory
server with Secure Sockets Layer (SSL).

Additional configuration is required for LDAPS. For example, in
Active Directory, you must install a valid certificate to enable
LDAPS. For more information, see the following Microsoft articles:
"How to enable LDAP over SSL with a third-party certification
authority," "Requirements for domain controller certificates from a
third-party certification authority," and "Advanced Certificate
Enrollment and Management."

In the DN to authenticate text box, enter the
distinguished name (DN) used to connect to the directory services server
for authentication purposes (if required). Here are some examples of
possible DN formats: